<?php
	session_start();
?>
<?php
	include_once "connection.php";
?>
<?php
	/* 该页面用于保存评论 */
	$user_id = $_SESSION['user_id'];
	$post_id = $_SESSION['post_id'];
	$reply_context = $_POST['reply_context'];

	$sql = "insert into reply(reply_content, user_id, post_id, reply_date) values(?, ?, ?, ?)";
	$message = array();
	try{
		$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
		$dbh->beginTransaction();

		$result = $dbh->prepare($sql);		/* 使用PDO::prepare()防止SQL注入 */
		$result->execute(array($reply_context, $user_id, $post_id, date('Y-m-d H:i:s')));
		$message[0] = "评论发表成功";
		$message[1] = "<a href=\"post_read.php?post_id=$post_id\" target=\"_top\">查看评论</a>";

		$dbh->commit();
	}
	catch(Exception $e){
		$message[0] = "评论发表失败";
		$message[1] = $e->getMessage();
	}
?>
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
		<title>发表评论</title>
		<style type="text/css">
			body{
				background: #fff;
			}
			.info{
				height: 18px;
				width: 300px;
				margin: 6px auto 0;
				color: #444;
				font-size: 18px;
				text-align: center;
			}
		</style>
	</head>
	<body>
		<?php
			foreach($message as $info) {
				echo "<div class=\"info\">$info</div>";
			}
		?>
	</body>
</html>